#!/bin/bash

REAL_IP_CONFIG="/etc/nginx/conf.d/real_ip.conf"

cert_gen(){
    openssl genrsa -out /etc/nginx/cert/server.key 2048
    openssl req -new -out /etc/nginx/cert/server.csr -key /etc/nginx/cert/server.key -subj /CN=localhost
    openssl x509 -req -days 3600 -in /etc/nginx/cert/server.csr -signkey /etc/nginx/cert/server.key -out /etc/nginx/cert/server.crt
}

if [ "${INBIZ}" == "true" ]; then
    /opt/nginx/nginx-inbiz-config.sh &
fi
if [ "${SEARCHENGINE}" == "true" ]; then
    /opt/nginx/nginx-search-config.sh &
fi
if [ "${KMPERM}" == "true" ]; then
    /opt/nginx/nginx-kmperm-config.sh &
fi
if [ "${EDRMSCORE}" == "true" ]; then
    /opt/nginx/nginx-edrmscore-config.sh &
fi
if [ "${EDRMSMOBILE}" == "true" ]; then
    /opt/nginx/nginx-edrmsmobile-config.sh &
fi

if [ -z "${WF}" -o "${WF}" == "true"  ];then
     /opt/nginx/nginx_wf_config.sh &
fi



if [ "${INBIZTHIRD}" == "true" ]; then
    /opt/nginx/nginx-inbiz-third-config.sh &
fi

if [ "${UDCMGT}" == "true" ]; then
    /opt/nginx/nginx-udc-config.sh &
    /opt/nginx/nginx-udcservicemesh.sh &
fi

if [ "${EDOC2_SCALE}" == "true" ]; then
    /opt/nginx/edoc2-scale.sh &
fi

if [ -n "${REAL_IP}" ];then
       echo "real_ip_header    X-Forwarded-For;" > ${REAL_IP_CONFIG}
       echo "real_ip_recursive on;" >> ${REAL_IP_CONFIG}
   for rip in $(echo ${REAL_IP}|tr , ' ')
   do
       echo "set_real_ip_from ${rip};" >> ${REAL_IP_CONFIG}
   done
fi

if [ "${REGION}" == "true"  ];then
   NGINX_CONFIG_80="nginx_region_80.conf"
   NGINX_CONFIG_SSL="nginx_region_ssl.conf"
else 
   NGINX_CONFIG_80="nginx_80.conf"
   NGINX_CONFIG_SSL="nginx_ssl.conf"
fi


if [ "${SSL}" != "true" ];then
    cp -rf /opt/nginx/${NGINX_CONFIG_80} /etc/nginx/conf.d/default.conf
else
    crts=($(ls /etc/nginx/cert | egrep 'pem|crt'))
    if [ "${#crts[@]}" -gt 0 ]; then
        SSL_CERT="/etc/nginx/cert/${crts[0]}"
        SSL_CERT_KEY=$(ls /etc/nginx/cert/*.key)
    else
        cert_gen
        SSL_CERT=$(ls /etc/nginx/cert/*.crt)
        SSL_CERT_KEY=$(ls /etc/nginx/cert/*.key)
    fi
    cp -rf /opt/nginx/${NGINX_CONFIG_SSL} /etc/nginx/conf.d/default.conf
    sed -i s%DOMAIN_NAME%${DOMAIN_NAME}%g /etc/nginx/conf.d/default.conf
    sed -i s%SSL_CERT%${SSL_CERT}%g /etc/nginx/conf.d/default.conf
    sed -i s%SSL_KEY%${SSL_CERT_KEY}%g /etc/nginx/conf.d/default.conf

fi

if [ "${REGION}" == "true"  ];then
  echo "REGION"
  if [ "${LB_RR}" == "true" ];then
    sed -i s/edoc2_hash/edoc2_rr/g /opt/nginx/nginx_rr.temp
    sed -i s/transport_hash/transport_rr/g /opt/nginx/nginx_rr.temp
    cat /opt/nginx/hash_url.temp >> /etc/nginx/conf.d/default.conf
  fi

  cat /opt/nginx/nginx_rr.temp >> /etc/nginx/conf.d/default.conf
else
    if [ -z "${WF}" -o "${WF}" == "true"  ];then
          cat   << EOF >> /etc/nginx/conf.d/default.conf
            location /edoc2Flow-web {  
            #proxy_redirect off;
            proxy_set_header Host \$http_host;
            proxy_set_header X-Real-IP \$remote_addr; 
            proxy_set_header REMOTE-HOST \$remote_addr; 
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            proxy_pass http://WF_ip/edoc2Flow-web/; 
            index  index.html index.htm;
            allow all;
        }
EOF

    fi


if [ "${LB_RR}" == "true" ];then
#当LB_RR=true时,修改默认轮询策略为rr,
    sed -i s/edoc2_hash/edoc2_rr/g /opt/nginx/nginx_rr.temp
    sed -i s/transport_hash/transport_rr/g /opt/nginx/nginx_rr.temp
#复制需要hash的URL路径到nginx配置中
    cat /opt/nginx/hash_url.temp >> /etc/nginx/conf.d/default.conf
fi

# nginx_rr.temp包含了 hash_url.temp的代理,
cat /opt/nginx/nginx_rr.temp >> /etc/nginx/conf.d/default.conf
    if [ "${INBIZTHIRD}" == "true" ]; then
        cat << EOF >> /etc/nginx/conf.d/default.conf
        location /inbiz/third-party/ {
            proxy_pass http://inbiz-third_rr/inbiz/third-party/;
            proxy_set_header Host \$host;
            proxy_set_header X-Real-IP \$remote_addr;
            proxy_set_header REMOTE-HOST \$remote_addr;
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            index  index.html index.htm;
            allow all;
        }
        location ^~ /inbiz/third-party/hash/ {
            proxy_pass http://inbiz-third_hash/inbiz/third-party/hash/;
            proxy_set_header Host \$host;
            proxy_set_header X-Real-IP \$remote_addr;
            proxy_set_header REMOTE-HOST \$remote_addr;
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            index  index.html index.htm;
            allow all;
        }
EOF
    fi
    if [ "${KMPERM}" == "true" ];then 
        cat << EOF >> /etc/nginx/conf.d/default.conf
        location /kmperm/PermissionList/ {
            proxy_pass http://kmperm_ip/PermissionList/;
            proxy_set_header Host \$host;
            proxy_set_header X-Real-IP \$remote_addr;
            proxy_set_header REMOTE-HOST \$remote_addr;
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            index  index.html index.htm;
            allow all;
        }
EOF
    fi
    if [ "${INBIZ}" == "true" ];then
        cat << EOF >> /etc/nginx/conf.d/default.conf
        location /inbiz/AppExport {
            proxy_pass http://inbiz_hash/inbiz/AppExport;
            proxy_set_header Host \$host;
            proxy_set_header X-Real-IP \$remote_addr; 
            proxy_set_header REMOTE-HOST \$remote_addr; 
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            index  index.html index.htm;
            allow all;
        }     
        location /inbiz/eform/admin/export/ {
            proxy_pass http://inbiz_hash/inbiz/eform/admin/export/;
            proxy_set_header Host \$host;
            proxy_set_header X-Real-IP \$remote_addr; 
            proxy_set_header REMOTE-HOST \$remote_addr; 
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            index  index.html index.htm;
            allow all;
        }
        location /inbiz/api/hash/ {
            proxy_pass http://inbiz_hash/inbiz/api/hash/  ;
            proxy_set_header Host \$host;
            proxy_set_header X-Real-IP \$remote_addr; 
            proxy_set_header REMOTE-HOST \$remote_addr; 
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            allow all;
        }
        location /inbiz/wcm/Platform/LayoutNew/ {
            proxy_pass http://inbiz_hash/inbiz/wcm/Platform/LayoutNew/;
            proxy_set_header Host \$host;
            proxy_set_header X-Real-IP \$remote_addr; 
            proxy_set_header REMOTE-HOST \$remote_addr; 
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            index  index.html index.htm;
            allow all;
        }  
        location /inbiz {
            proxy_pass http://inbiz_rr/inbiz;
            proxy_set_header Host \$host;
            proxy_set_header X-Real-IP \$remote_addr; 
            proxy_set_header REMOTE-HOST \$remote_addr; 
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            index  index.html index.htm;
            allow all;
        }
        location /portal {
            proxy_pass http://inbiz_rr/inbiz/portal;
            proxy_set_header Host \$host;
            proxy_set_header X-Real-IP \$remote_addr; 
            proxy_set_header REMOTE-HOST \$remote_addr; 
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            allow all;
        }
        location /wcm {
            proxy_pass http://inbiz_rr/inbiz/wcm;
            proxy_set_header Host \$host;
            proxy_set_header X-Real-IP \$remote_addr; 
            proxy_set_header REMOTE-HOST \$remote_addr; 
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            allow all;
        }
        location /cms {
            proxy_pass http://inbiz_rr/inbiz/cms;
            proxy_set_header Host \$host;
            proxy_set_header X-Real-IP \$remote_addr; 
            proxy_set_header REMOTE-HOST \$remote_addr; 
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            allow all;
        }
        location /eform {
            proxy_pass http://inbiz_rr/inbiz/eform;
            proxy_set_header Host \$host;
            proxy_set_header X-Real-IP \$remote_addr; 
            proxy_set_header REMOTE-HOST \$remote_addr; 
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            allow all;
        }
        location /Content/inbiz  {
            proxy_pass http://inbiz_rr/inbiz/Content/inbiz;
            proxy_set_header Host \$host;
            proxy_set_header X-Real-IP \$remote_addr; 
            proxy_set_header REMOTE-HOST \$remote_addr; 
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            allow all;
        }
        location /api/services/EForm {
            proxy_pass http://inbiz_rr/inbiz/api/services/eForm;
            proxy_set_header Host \$host;
            proxy_set_header X-Real-IP \$remote_addr; 
            proxy_set_header REMOTE-HOST \$remote_addr; 
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            allow all;
        }
        location /api/services/WorkFlowDoc {
            proxy_pass http://inbiz_rr/inbiz/api/services/workFlowDoc;
            proxy_set_header Host \$host;
            proxy_set_header X-Real-IP \$remote_addr; 
            proxy_set_header REMOTE-HOST \$remote_addr; 
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            allow all;
        }
EOF
    fi



    if [ "${INSIGHT}" == "true" ];then
        cat <<  EOF >> /etc/nginx/conf.d/default.conf
                    location /insight/ {
                    proxy_set_header Host \$host;
                    proxy_set_header X-Real-IP \$remote_addr; 
                    proxy_set_header REMOTE-HOST \$remote_addr; 
                    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
                    proxy_pass http://insight/; 
                    index  index.html index.htm;
                    allow all;
        } 
EOF
    fi

    if [ "${SEARCHENGINE}" == "true" ];then
        cat <<  EOF >> /etc/nginx/conf.d/default.conf
	location /search/ {
            proxy_set_header Host \$host;
            proxy_set_header X-Real-IP \$remote_addr; 
            proxy_set_header REMOTE-HOST \$remote_addr; 
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            proxy_pass http://searchengine_ip/search/; 
            allow all;
        } 
EOF
    fi

    if [ "${ICS}" == "true" ];then
        cat <<  EOF >> /etc/nginx/conf.d/default.conf
                    location /ics/ {
                    proxy_set_header Host \$host;
                    proxy_set_header X-Real-IP \$remote_addr; 
                    proxy_set_header REMOTE-HOST \$remote_addr; 
                    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
                    proxy_pass http://ics:8079/ics/; 
                    index  index.html index.htm;
                    allow all;
        } 
EOF
    fi

    if [ "${INGRAPH}" == "true" ];then
        cat <<  EOF >> /etc/nginx/conf.d/default.conf
                    location /ingraph/ {
                    proxy_set_header Host \$host;
                    proxy_set_header X-Real-IP \$remote_addr; 
                    proxy_set_header REMOTE-HOST \$remote_addr; 
                    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
                    proxy_pass http://ingraph:8080/inGraph/api/; 
                    index  index.html index.htm;
                    allow all;
        } 

        location /ingraph/front/ {
                    proxy_set_header Host \$host;
                    proxy_set_header X-Real-IP \$remote_addr; 
                    proxy_set_header REMOTE-HOST \$remote_addr; 
                    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
                    proxy_pass http://front/; 
                    index  index.html index.htm;
                    allow all;
        }
EOF
    fi

    if [ "${WORDTEMPLATE}" == "true" ];then
        cat <<  EOF >> /etc/nginx/conf.d/default.conf
                    location /wordtemplate/ {
                    proxy_set_header Host \$host;
                    proxy_set_header X-Real-IP \$remote_addr; 
                    proxy_set_header REMOTE-HOST \$remote_addr; 
                    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
                    proxy_pass http://wordtemplate/; 
                    index  index.html index.htm;
                    allow all;
        } 
EOF
    fi
    if [ "${UDCMGT}" == "true" ]; then
        cat <<EOF >>/etc/nginx/conf.d/default.conf
        location /udcmgt/ {
            proxy_set_header Host \$http_host;
            proxy_set_header X-Real-IP \$remote_addr;
            proxy_set_header REMOTE-HOST \$remote_addr;
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            proxy_pass http://udcmgt_hash/;
            index  index.html index.htm;
            allow all;
        }

        location /udcmgt/dbmanager/ {
            proxy_set_header Host \$http_host;
            proxy_set_header X-Real-IP \$remote_addr;
            proxy_set_header REMOTE-HOST \$remote_addr;
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            proxy_pass http://dbmanager/;
            allow all;
        }

        location ~* /udcmgt/service/(.*)/(.*) {
            proxy_pass http://\$1/\$2\$is_args\$args;
            proxy_set_header Host \$host;
            proxy_set_header X-Real-IP \$remote_addr;
            proxy_set_header REMOTE-HOST \$remote_addr;
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            index  index.html index.htm;
            allow all;
        }
EOF
    fi
    if [ "${EDRMSCORE}" == "true" ];then
        cat <<  EOF >> /etc/nginx/conf.d/default.conf
                    location /edrmscore/ {
                    proxy_set_header Host \$host;
                    proxy_set_header X-Real-IP \$remote_addr; 
                    proxy_set_header REMOTE-HOST \$remote_addr; 
                    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
                    proxy_pass http://edrmscore_ip/edrmscore/; 
                    index  index.html index.htm;
                    allow all;
        } 
EOF
    fi

    if [  "${EDRMSMOBILE}" == "true" ];then
    cat << EOF >> /etc/nginx/conf.d/default.conf
        location ^~ /edrmsmobile/ {
            proxy_set_header Host \$host;
            proxy_set_header X-Real-IP \$remote_addr; 
            proxy_set_header REMOTE-HOST \$remote_addr; 
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            proxy_pass http://edrmsmobile_ip/; 
            index  index.html index.htm;
            allow all;
        }
EOF
    fi
fi


if [ "${WEBOFFICE}" == "true" ];then
    cat << EOF >> /etc/nginx/conf.d/default.conf
        location /6.4.0-121/ {
                proxy_pass http://weboffice/6.4.0-121/;
                proxy_set_header Host \$http_host;
                proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto ${WEBOFFICE_PROTO:=http};
                proxy_cache office_cache;
                proxy_cache_key \$request_uri;
                proxy_cache_methods GET HEAD;
                proxy_cache_valid  200 304 302 24h;
                proxy_cache_use_stale http_502;  
                add_header X-Cache "\$upstream_cache_status from \$server_addr";
        }

        location /printfile/ {
            proxy_pass http://weboffice/printfile/;
            proxy_set_header Host \$http_host;
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto ${WEBOFFICE_PROTO:=http};
            proxy_cache office_cache;
            proxy_cache_key \$request_uri;
            proxy_cache_methods GET HEAD;
            proxy_cache_valid  200 304 302 24h;
            proxy_cache_use_stale http_502;  
            add_header X-Cache "\$upstream_cache_status from \$server_addr";
        }

        location  /coauthoring/CommandService.ashx {
            proxy_pass http://weboffice/coauthoring/CommandService.ashx;
            proxy_set_header Host \$http_host;
            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto ${WEBOFFICE_PROTO:=http};
            proxy_cache office_cache;
            proxy_cache_key \$request_uri;
            proxy_cache_methods GET HEAD;
            proxy_cache_valid  200 304 302 24h;
            proxy_cache_use_stale http_502;  
            add_header X-Cache "\$upstream_cache_status from \$server_addr";
        }

        location /web-apps/ {
                proxy_pass http://weboffice/web-apps/;
                proxy_set_header Host \$http_host;
                proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto ${WEBOFFICE_PROTO:=http};
                proxy_cache office_cache;
                proxy_cache_key \$request_uri;
                proxy_cache_methods GET HEAD;
                proxy_cache_valid  200 304 302 24h;
                proxy_cache_use_stale http_502;  
                add_header X-Cache "\$upstream_cache_status from \$server_addr";
        }
    location /cache/files/ {
                proxy_pass http://weboffice/cache/files/;
                proxy_set_header Host \$http_host;
                proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto ${WEBOFFICE_PROTO:=http};
                proxy_cache office_cache;
                proxy_cache_key \$request_uri;
                proxy_cache_methods GET HEAD;
                proxy_cache_valid  200 304 302 24h;
                proxy_cache_use_stale http_502;  
                add_header X-Cache "\$upstream_cache_status from \$server_addr";
    }
        location /weboffice/ {
                proxy_pass http://weboffice/welcome/;
                proxy_set_header Host \$http_host;
                proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto ${WEBOFFICE_PROTO:=http};
                proxy_cache office_cache;
                proxy_cache_key \$request_uri;
                proxy_cache_methods GET HEAD;
                proxy_cache_valid  200 304 302 24h;
                proxy_cache_use_stale http_502;  
                add_header X-Cache "\$upstream_cache_status from \$server_addr";
        }
    location /healthcheck {
                proxy_pass http://weboffice/healthcheck;
                proxy_set_header Host \$http_host;
                proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto ${WEBOFFICE_PROTO:=http};
                proxy_cache office_cache;
                proxy_cache_key \$request_uri;
                proxy_cache_methods GET HEAD;
                proxy_cache_valid  200 304 302 24h;
                proxy_cache_use_stale http_502;  
                add_header X-Cache "\$upstream_cache_status from \$server_addr";
    }

    location ~ websocket$ {
		proxy_pass http://weboffice;
        proxy_set_header Host \$http_host;
		proxy_http_version 1.1;    
		proxy_set_header Upgrade \$http_upgrade;    
        proxy_set_header X-Forwarded-Proto ${WEBOFFICE_PROTO:=http};
		proxy_set_header Connection "Upgrade";    
		proxy_set_header X-real-ip \$remote_addr;
		proxy_set_header X-Forwarded-For \$remote_addr;
		}
EOF
fi

#echo '}'  >> /etc/nginx/conf.d/default.conf
if [ "${REGION}" != "true" ];then
    /opt/nginx/nginx-servicemesh.sh
else
    echo '}' >> /etc/nginx/conf.d/default.conf
fi
#/opt/nginx/nginx-config.sh &
#/opt/nginx/nginx-transport-config.sh &
#/opt/nginx/nginx-weboffice-config.sh &

supervisord -c /etc/supervisord.conf

sleep 5
nginx -g "daemon off;"


